Announcement

Collapse
No announcement yet.

GrSecurity Kernel Patches Will No Longer Be Free To The Public

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Guest
    Guest replied
    Right, preferred form for making modifications - in other words the C and header files, the build scripts etc. I don't think it means the patches need to be exposed.

    One point that I feel isn't being made clear in these discussions: Grsecurity cannot legally prevent it's customers from distributing the modified kernel source code that Grsecurity provided to it's customers. Grsecurity can penalize them (by cutting off future support - it's a scumbag move though), but can't stop them from redistributing that source code otherwise.

    Leave a comment:


  • ssokolow
    replied
    Originally posted by sandy8925 View Post
    TheBlackCat They might not have to reveal the patches themselves, but if they are distributing patched kernel binaries, then the GPL definitely applies, and they do have to provide the patched source code, although they don't have to point out what changed.
    Actually, the GPL 2.0 says "The source code for a work means the preferred form of the work for making modifications to it."

    Leave a comment:


  • Guest
    Guest replied
    TheBlackCat They might not have to reveal the patches themselves, but if they are distributing patched kernel binaries, then the GPL definitely applies, and they do have to provide the patched source code, although they don't have to point out what changed.

    Leave a comment:


  • oiaohm
    replied
    Originally posted by TheBlackCat View Post
    *sigh* Is it really so hard to link to a PDF and say "look at page X-Z" in this document? Your link was to a German version of the ruling, with a vague promise that an English version will come later. The only English version I can find is for original case, not the appeal.
    The full transcript to the 2004 case is in German only. Really full court transcripts have to be paid for. None of this is link to a PDF on the internet and say read this. The only stuff you have in English on the Internet is abstracts and summary that don't include all the important information.

    https://arstechnica.co.uk/tech-polic...s-are-illegal/

    The subtitle case in 2017 is based off the same ruling and again the complete transcript is a pay for item and not in english. So you really need to go proper copyright lawyer who should paid for the documents and the translations.

    TheBlackCat the reality is not everything is on the Internet some you have to order in hard-copy and at time pay people to have access to that information. You are making the presume you don't have to-do that. I have provide you with the information you need to take to legal to answer you question.

    Leave a comment:


  • TheBlackCat
    replied
    Originally posted by oiaohm View Post
    Its covered in the full transcript.
    *sigh* Is it really so hard to link to a PDF and say "look at page X-Z" in this document? Your link was to a German version of the ruling, with a vague promise that an English version will come later. The only English version I can find is for original case, not the appeal.

    Leave a comment:


  • oiaohm
    replied
    Originally posted by TheBlackCat View Post
    That case is about some distributing software, not just the patches. I don't see anything in there about patches at all. Can you please point to exactly what you are talking about?


    Again, they are distributing software, not patches, and that software includes a chunk of kernel code from the summary I can find.
    Its covered in the full transcript.

    2004 case is both full software and patches. As patches used in the 2004 case come from other parties so ruling was required if GPL in fact applied to those to allow the one who has used the patches to release the source code instead of recall the product.

    The Sub title case is based off the 2004 GPL ruling. So this derived work issue effects a lot of things.

    Summary on those cases is incomplete. Its the compliance part of the rulings that cover the legality of patches and that is in the full transcript not the summary..

    Leave a comment:


  • Nth_man
    replied
    If it may be useful:

    Dutch Court Rules That Freely Given Fan-Subtitles Are Copyright Infringement
    https://www.techdirt.com/articles/20...ingement.shtml

    Fan-made subtitles for TV shows and movies are illegal, court rules
    https://arstechnica.co.uk/tech-polic...s-are-illegal/

    A commenter wrote that
    To be as terse as possible, the translated "sub" is technically a derived work distributed without permission (that's really the infringement part) from the copyright holder.
    although I am not a lawyer.

    It reminded me of what ssokolow wrote:
    Patches are derived works because they aren't sufficiently useful without being applied to the base work.

    Leave a comment:


  • TheBlackCat
    replied
    Originally posted by oiaohm View Post

    Its first covered in the 2004 German ruling for GPL. Its been brought up in fairly much every GPL case when it come to compliance.
    https://yro.slashdot.org/story/04/07...s-gpl-is-valid
    How to interpret section 2,3 and 4 of GPL v2 is in that case.
    https://www.gnu.org/licenses/old-lic...pl-2.0.en.html
    That case is about some distributing software, not just the patches. I don't see anything in there about patches at all. Can you please point to exactly what you are talking about?

    Originally posted by oiaohm View Post
    Vmware usage in esxi could also be on the legal side of the test with a little bit of fair usage thrown in.
    Again, they are distributing software, not patches, and that software includes a chunk of kernel code from the summary I can find.

    Leave a comment:


  • oiaohm
    replied
    Originally posted by TheBlackCat View Post

    Again, which rulings, specifically, are you talking about? Do you have links to the cases? I have asked several times for citations.
    Its first covered in the 2004 German ruling for GPL. Its been brought up in fairly much every GPL case when it come to compliance.
    https://yro.slashdot.org/story/04/07...s-gpl-is-valid
    How to interpret section 2,3 and 4 of GPL v2 is in that case.
    https://www.gnu.org/licenses/old-lic...pl-2.0.en.html

    Those interpretations are reaffirmed by USA and German rulings since. So it does not matter what ruling you pulled up just any one of the rulings in the USA and German courts even the vmware one recently state the test and it not disputed.

    Yes that is the derivative work stuff and what is the test. Nvidia binary/source wrapper driver passes the 2004 test as the blob can operate without the Linux kernel and they can demo it operating other other OS's like Freebsd and windows.

    Vmware usage in esxi could also be on the legal side of the test with a little bit of fair usage thrown in. Grsecurity PAX not so lucky. it fails the test without question.

    So sections of what is derivative work is at least partly defined and Grsecurity PAX is for sure on the wrong side.

    Please note section of Nvidia binary driver the source wrapper is gplv2 for where it makes too much contact with the Linux kernel to pass the independent work test.

    Lot of people get the foolish idea they can make a Linux kernel patch and ship it under some license other than GPLv2 of their choosing. Yes the license of a patch can be not GPLv2 but it has to be GPLv2 compatible. So you can make your Linux kernel patch MIT license for example. Since a person who gets your MIT license code can ship it as GPLv2 you have not broken the rules.

    zfs for Linux is in a legal grey area that has not been tested in court. Might be fine due to being able to demo that zfs comes from some other OS it also might be complete breach. Would take a court case to sort out.

    Basically Grsecurity PAX license options are limited. To be unlimited in license they have to demo multi platform support.

    The Nvidia example once linked into a binary is no longer shippable and it can use the loop hole of ship to client then no more.

    Leave a comment:


  • TheBlackCat
    replied
    Originally posted by oiaohm View Post

    You need to look to German and USA court ruling in this. To not be a derivative the code has be able to function without the GPL work. Vmware case is tricky as vmware esxi can operate without the Linux kernel. Grsecurity without question does not function without the Linux kernel so fails the basic legal test so is a derivative work without question. Companies making routers have argued these points in USA and German courts and been told their code is GPL no matter how they slice the source code.

    These ruling do provide problems for those doing zfs drivers under Linux. Even a lot of closed source drivers are questionable.
    Again, which rulings, specifically, are you talking about? Do you have links to the cases? I have asked several times for citations.

    Leave a comment:

Working...
X